package com.yangyao.microserviceoauth2.order.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;

/**
 * @version : V1.0
 * @Description:
 * @Auther: yangyao
 * @Date: 2019/12/18 14:39
 */
@RestController
public class OrderController {

    @PreAuthorize("#oauth2.hasScope('all')")
    @GetMapping(value = "/user")
    public String helloWorld(Principal principal) {
        return principal == null ? "Hello anonymous" : "Hello " + principal.getName();
    }

    /**
     *
     * @param principal
     * @return
     */
    @PreAuthorize("#oauth2.hasScope('all') and hasRole('ROLE_ADMIN')")
    @GetMapping(value = "/hasRole")
    public String helloSecret(Principal principal) {
        return principal == null ? "Hello anonymous" : "S3CR3T  - Hello " + principal.getName();
    }
}
